commit c9ed568d78b665fa7a9577ff98414110a5324f47 Author: phil Date: Sun Jun 19 20:30:17 2022 +0200 nginx: Aktualisiere Rolle. Dient nun zur allgemeinen Einrichtung von Nginx diff --git a/README.md b/README.md new file mode 100644 index 0000000..62d4363 --- /dev/null +++ b/README.md @@ -0,0 +1,4 @@ +Nginx +===== + +Diese Rolle dient zur grundlegenden Einrichtung von Nginx. diff --git a/handlers/main.yaml b/handlers/main.yaml new file mode 100644 index 0000000..945a12e --- /dev/null +++ b/handlers/main.yaml @@ -0,0 +1,14 @@ +- name: restart munin-node + service: + name: munin-node + state: restarted + +- name: reload nginx + service: + name: nginx + state: reloaded + +- name: reload monit + service: + name: monit + state: reloaded diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..16cdee7 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,10 @@ +galaxy_info: + author: systemausfall.org + description: Ersteinrichtung von Nginx + company: Sense.Lab e.V. + license: GPLv3 + min_ansible_version: 2.9 + platforms: + - name: Debian + version: + - Bullseye diff --git a/tasks/main.yaml b/tasks/main.yaml new file mode 100644 index 0000000..90250cf --- /dev/null +++ b/tasks/main.yaml @@ -0,0 +1,6 @@ +--- +- import_tasks: packages.yml + tags: packages + +- import_tasks: monitoring.yml + tags: monitoring diff --git a/tasks/monitoring.yml b/tasks/monitoring.yml new file mode 100644 index 0000000..24c1a9b --- /dev/null +++ b/tasks/monitoring.yml @@ -0,0 +1,29 @@ +--- +- name: "monitoring | Aktiviere Munin-Plugin" + file: + src: "/usr/share/munin/plugins/nginx_{{ item }}" + dest: "/etc/munin/plugins/nginx_{{ item }}" + state: link + loop: + - request + - status + notify: restart munin-node + +- name: "monitoring | Kopiere Datei für lokale Statusausgabe" + template: + src: local-statistics.j2 + dest: /etc/nginx/sites-available/local-statistics + notify: reload nginx + +- name: "monitoring | Aktiviere Lokale Status-Ausgabe" + file: + src: /etc/nginx/sites-available/local-statistics + dest: /etc/nginx/sites-enabled/local-statistics + state: link + notify: reload nginx + +- name: "monitoring | Kopiere Monit-Überwachung" + template: + src: monit.j2 + dest: /etc/monit/conf-enabled/nginx + notify: reload monit diff --git a/tasks/packages.yml b/tasks/packages.yml new file mode 100644 index 0000000..2cc2844 --- /dev/null +++ b/tasks/packages.yml @@ -0,0 +1,6 @@ +--- +- name: "packages | Installiere Debian-Pakete" + apt: + pkg: + - liblwp-useragent-determined-perl + - nginx-full diff --git a/templates/local-statistics.j2 b/templates/local-statistics.j2 new file mode 100644 index 0000000..24427b4 --- /dev/null +++ b/templates/local-statistics.j2 @@ -0,0 +1,15 @@ +server { +{% if inventory_hostname == "sl-nextcloud.kahlo" %} + listen 127.0.0.1:81; +{% else %} + listen 127.0.0.1; +{% endif %} + server_name localhost; + location /nginx_status { + stub_status on; + access_log off; + allow 127.0.0.0/8; + allow ::1/128; + deny all; + } +} diff --git a/templates/monit.j2 b/templates/monit.j2 new file mode 100644 index 0000000..7a9dded --- /dev/null +++ b/templates/monit.j2 @@ -0,0 +1,8 @@ +# {{ ansible_managed }} + +check process nginx with pidfile /var/run/nginx.pid + group webserver + start program = "/usr/sbin/service nginx start" + stop program = "/usr/sbin/service nginx stop" + if failed host 127.0.0.1 port {{ nginx_port |default(80) }} for 3 cycles then restart + if 5 restarts with 5 cycles then timeout